package com.probiz.estore.core.listener;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.acegisecurity.Authentication;
import org.acegisecurity.ui.logout.SecurityContextLogoutHandler;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

import com.probiz.estore.common.helper.AppAuditHelper;
import com.probiz.estore.webapp.util.RequestUtil;

public class LogoutHandler extends SecurityContextLogoutHandler {
	private final static transient Log logger = LogFactory.getLog(LogoutHandler.class);

	@Override
	public void logout(HttpServletRequest request, HttpServletResponse response, Authentication authentication) {
		logger.info("processing logout ...");
		// set a flag to indicate Auditer this is a logout event
		request.getSession().setAttribute("IS_LOGOUT", "true");

		super.logout(request, response, authentication);

		RequestUtil.removeUserCookies(response, request.getContextPath());
		// 退出系统日志
		if (authentication != null) {
			AppAuditHelper.getInstance().doAuditAction(AppAuditHelper.ACTION_LOGOUT, null, AppAuditHelper.RESULT_SUCCESS, request.getRemoteAddr(),
					authentication.getName());
		}
	}
}
